Table of Contents
Backup and security notes
This serves as a note area as well as formal documentation. Excuse the careless writing here, it evolves.
Contact Details
Goals:
To ensure constant uptime of the site by:
* Rebuff Hacking attempts * Guard against information loss * Increase portability of the site (move the site in a hurry if needed)
Server Security:
- Enquire with ISP about how to handle problems with SYN floods.
(most isps have special hardware to mitigate syn floods, we just need to know how to request services)
JPM: Raises in syn packets are monitored throughout the core network. There is also a netflow system to model DDoS attempts if such a situation arises
- Request users to rotate passwords?
Information backup:
Need to:
- export database regularly, save locally, off site as well
JPM: Currently a cron job running every 30 minutes that does a secure rsync of /home/haiti to a remote colo. On the remote colo rsnapshot is being run to provide hourly, daily and weekly differentials as not not add load on the main VM
- Where to store offsite data?
- Save the site's data “somewhere”
(check it back in into another branch?) (tarball it and upload it with the db?)
Methodology:
* From a crontab:
- Export the db using mysqldump, ionice and renice low priority, make sure no two running simultaneously
- Encrypt database?
- Either check in or tarbal local code (can't trust no local edits done, old sysadmin rule)
- Encrypt tarball?
- Rununning rsync on a directory to at least two other sites.